lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <201805062340.HFC78625.VFFFOHSOtQMOJL@I-love.SAKURA.ne.jp>
Date:   Sun, 6 May 2018 23:40:10 +0900
From:   Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp>
To:     tytso@....edu
Cc:     syzbot+a9a45987b8b2daabdc88@...kaller.appspotmail.com,
        syzkaller-bugs@...glegroups.com, syzkaller@...glegroups.com,
        adilger.kernel@...ger.ca, linux-ext4@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: kernel panic: EXT4-fs (device loop0): panic forced after error

Theodore Y. Ts'o wrote:
> On Sun, May 06, 2018 at 02:03:57PM +0900, Tetsuo Handa wrote:
> > 
> > Since syzbot is hitting this error path inside mount() request, calling
> > panic() when something went wrong inside mount() request might be
> > overkill. We can recover without shutting down the system, can't we?
> 
> We could add a full kernel-mode fsck which gets run before mount ---
> the question is how much complexity we want to add.  If SELinux is
> enabled, then we have to check xattr consinsistency, etc., etc.

You are thinking too complicated. I'm not asking for kernel-mode fsck.
I'm just suggesting that mount() request returns an error to the caller
(and the administrator invokes fsck etc. as needed).

We are fixing bugs which occur during mount operation (e.g.

  https://groups.google.com/d/msg/syzkaller-bugs/Yp4q8n-MijM/yDX3zl1XBQAJ
  https://groups.google.com/d/msg/syzkaller-bugs/4C4oiBX8vZ0/W6pi8NdbBgAJ
  https://groups.google.com/d/msg/syzkaller-bugs/QBnHAQBy2pI/ccf-yL5bBgAJ

). And extX filesystem is different from other filesystems that it invokes
error action specified by errors= parameter rather than return an error to
the caller.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ